Def Con 2019 and Hacking iOS Contacts

Another Apple hack shown off over the weekend at Def Con 2019 involves iOS Contacts and a SQLite vulnerability. But it’s not something we need to worry about. Emphasis mine:

Documented in a 4,000-word report seen by AppleInsider, the company’s hack involved replacing one part of Apple’s Contacts app and it also relied on a known bug that hasn’t been fixed four years after it was discovered…

They replaced a specific component of the Contacts app and found that while apps and any executable code has to have gone through Apple’s startup checks, an SQLite database is not executable.

Basically, it sounds like the bug is only available if you specifically remove a key component of Contacts.

News+: Don't Give Money to Ransomware Scammers

In the latest issue of PCMag, Max Eddy writes that you shouldn’t give money to ransomware attackers when they ask.

First, most cyberattacks—including ransomware—don’t last long. The command and control servers that issue the unlock commands and receive payment can be found and taken offline…In either case, anyone who has been infected and not paid the ransom can no longer get their system unlocked, even if they pay.

This is why keeping several backups is important, one online, one offline. And keep your operating system up to date with the latest security patches and improvements.

This is part of Andrew’s News+ series, where he shares a magazine every Friday to help people discover good content in Apple News+.

That Recent Data Breach Might Not Be Limited to Capital One

The Capital One data breach might not have been limited to the bank. Other companies could’ve been affected too, according to Slack messages from the hacker Paige Thompson.

Reports from Forbes and security reporter Brian Krebs indicate that Capital One may not have been the only company affected, pointing to “one of the world’s biggest telecom providers, an Ohio government body, and a major U.S. university,” according to Slack messages sent by the alleged hacker.

Krebs posted a screenshot of a list of files purportedly stolen by the alleged hacker. The stolen data contained filenames including car maker “Ford” and Italian financial services company “Unicredit.”

Capital One Hack Affects Credit Card Customers

On July 19 Capital One found it had gotten hacked. The FBI arrested the hacker but 100 million U.S. customers are affected.

The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.

What angers me the most about this is the fact that I had to read the news to learn what happened. As a Capital One customer I feel I should’ve been notified by email. Customers affected by this will get an email but I want a notification email as well. Maybe I’ll get five bucks like those affected by Equifax.

NSO Group Tool Harvests Targeted iCloud Data

Israel-based NSO Group claims it can harvest iCloud data in targeted attacks. It’s said to be a version of the Pegasus spyware.

Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target’s location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration.

When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn’t specifically deny that it had developed the capability described in the documents.

How to Break Into an iCloud-Locked iPhone

Hackers, thieves, and independent repair companies can find ways to break into iCloud-locked iPhones.

The iCloud security feature has likely cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices…Making matters more complicated is the fact that not all iCloud-locked phones are stolen devices—some of them are phones that are returned to telecom companies as part of phone upgrade and insurance programs.

TL;DR: Phishing, mugging, and social engineering are methods. You can even remove the CPU and reprogram it by stealing an unused IMEI.

Slack Warns it Could Become a Target of Nation State Hacking

Popular workplace app Slack is preparing to go public, and it warns investors it may become a target of nation state hacking.

Companies that are preparing to go public—such as Uber, Lyft, Pinterest, Snapchat, and PagerDuty—all have sections in their S-1 registrations that address the threat of “unauthorized access” to their software, systems, and technologies. However, none of these companies explicitly referred to “organized crime” or “nation-states,” as Slack did in its S-1 filing.

Ms. Haskins also reminds us that Slack doesn’t have end-to-end encryption, and in some cases your boss can download and read your entire Slack history without you knowing.

500M iOS Users Affected by Cyberattack via Chrome Bug

Roughly 500 million iOS users have been affected by a cyberattack that takes advantage of an iOS Chrome bug.

The attacks are the work of the eGobbler gang, researchers said, which has a track record of mounting large-scale malvertising attacks ahead of major holiday weekends. Easter is coming up, and the crooks are banking on consumers spending a lot more time than usual browsing the web on their phones.

Another research firm says this attack can also affect Safari users. Be careful this weekend.

Two Students Accused of Jamming School Wi-Fi to Avoid Tests

Two high school students in New Jersey successfully jammed their school’s Wi-Fi network in order to avoid taking exams.

Secaucus Schools Superintendent Jennifer Montesano says the school’s Wi-Fi network has been restored and is now fully operational. But she declined further comment. Since much of the school’s curriculum is internet-based, the lack of Wi-Fi connection disrupted the students’ daily assignments.

As Redditor u/AdvancedAdvance quipped: “Although their slowing down the network to unusable speeds will land them in a lot of trouble at school, they can now expect to get full-time, high-paying job offers from AT&T and Verizon.”

Beto O'Rourke and the Cult of the Dead Cow

Beto O’Rourke is a Democratic candidate for the 2020 presidential race. In a recent interview he revealed he was part of the Cult of the Dead Cow, the oldest hacking group in the U.S.

The hugely influential Cult of the Dead Cow, jokingly named after an abandoned Texas slaughterhouse, is notorious for releasing tools that allowed ordinary people to hack computers running Microsoft’s Windows. It’s also known for inventing the word “hacktivism” to describe human-rights-driven security work.